From 99d6e0883af6759f80ddba01cbb1d90431929bfd Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Thu, 24 Feb 2011 14:45:46 -0500 Subject: Set SuiteSpotGroup when setting up our 389-ds instances. The group is now required because 389-ds has tightened the permissions on /var/run/dirsrv. We use the same group for both our LDAP instances and /var/run/dirsrv ends up as root:dirsrv mode 0770. ticket 1010 --- ipaserver/install/cainstance.py | 4 +++- ipaserver/install/dsinstance.py | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py index 7cdd28d9f..74d78dcad 100644 --- a/ipaserver/install/cainstance.py +++ b/ipaserver/install/cainstance.py @@ -72,6 +72,7 @@ INF_TEMPLATE = """ [General] FullMachineName= $FQHN SuiteSpotUserID= $USER +SuiteSpotGroup= $GROUP ServerRoot= $SERVER_ROOT [slapd] ServerPort= $DSPORT @@ -255,7 +256,8 @@ class CADSInstance(service.Service): PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(), REALM=self.realm_name, USER=PKI_DS_USER, SERVER_ROOT=server_root, DOMAIN=self.domain, - TIME=int(time.time()), DSPORT=self.ds_port) + TIME=int(time.time()), DSPORT=self.ds_port, + GROUP=dsinstance.DS_GROUP) def __create_ds_user(self): user_exists = True diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py index bf631a67f..2bb083fb9 100644 --- a/ipaserver/install/dsinstance.py +++ b/ipaserver/install/dsinstance.py @@ -149,6 +149,7 @@ INF_TEMPLATE = """ [General] FullMachineName= $FQHN SuiteSpotUserID= $USER +SuiteSpotGroup= $GROUP ServerRoot= $SERVER_ROOT [slapd] ServerPort= 389 @@ -319,6 +320,7 @@ class DsInstance(service.Service): TIME=int(time.time()), IDSTART=self.idstart, IDMAX=self.idmax, HOST=self.fqdn, ESCAPED_SUFFIX= escape_dn_chars(self.suffix.lower()), + GROUP=DS_GROUP, ) def __create_ds_user(self): -- cgit